EV SSL and Browser Security
Most banking sites and online merchants currently use SSL to protect end-user data while it is in transit between the client and the Web server.
In its infancy, SSL only allowed weak 40-bit "export-grade" encryption, which could be broken by brute force. Note that weak encryption is a cipher problem; phishing attacks the user, not the cipher, and strong encryption does nothing to stop it.
Currently, most sites negotiate 128-bit encryption, and some use stronger ciphers such as 256-bit AES.
The confusion arises because the strength of the encryption and the strength of the identity validation behind the certificate are independent: a site can negotiate strong encryption while holding a certificate that was issued with minimal checking of who owns it.
In this example, SunTrust Bank's site negotiates high-grade, 128-bit SSL encryption (the key length belongs to the session, not to the certificate itself):
Most banks use strong SSL encryption, but many phishers are able to replicate a legitimate website like SunTrust's and, in turn, fool many consumers into believing that the phony site is the real one.
It usually starts with an email to the end-user that replicates the look, logo and language of the legitimate entity; when the end-user clicks on the link provided in the email, he or she is taken to an almost exact replica of the real website.
What the end-user fails to do is to actually click on the "lock" icon, or to look at the security certificate of the phony website.
They also routinely overlook the rest of the address after the host name. If they see "https" at the front of the address, the address bar turns yellow and a small lock icon appears in the corner, most assume it is a legitimate site. In other words, most assume that if the site is a secure site, it must be a trusted website. The lock only means the connection is encrypted; it says nothing about who is at the other end.
The phishers use what is called a "domain-validated (DV) SSL certificate." These certificates are issued without any background check of the organization by the CA; they prove only that the applicant controls the domain name, which is exactly what a phisher who has registered a look-alike domain can demonstrate.
It is because of these phishers that the CA/Browser Forum established the Extended Validation (EV) standard, and the most popular and most used browsers are changing their user interface to distinguish EV certificates, in order to combat the online fraudsters.
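The distinction between a domain-validated certificate and an EV certificate is visible in the certificate itself, which is what the user who clicks the lock is supposed to look at. The following is an added example, not code from the original article: a heuristic classifier over a parsed X.509 subject in the shape Python's `ssl.SSLSocket.getpeercert()` returns (nested tuples of attribute name/value pairs, OpenSSL long names), plus the certificate's policy OIDs passed separately because `getpeercert()` does not expose the certificatePolicies extension. It assumes the CA/Browser Forum EV policy OID `2.23.140.1.1` and the subject attributes the EV Guidelines require (organizationName, businessCategory, serialNumber, jurisdictionCountryName, countryName); the sample subjects are constructed, not real certificates.

```python
"""Heuristic DV / OV / EV classification of a parsed X.509 subject.

Input shape assumed: the ``subject`` tuple of ``ssl.SSLSocket.getpeercert()``
(tuple of RDNs, each a tuple of (attribute, value) pairs) and a separate list
of policy OIDs from the certificatePolicies extension.
Sample subjects below are constructed for illustration.
"""
from typing import Dict, Iterable, Sequence, Tuple

# CA/Browser Forum Extended Validation policy identifier.
CABF_EV_OID = "2.23.140.1.1"

# Subject attributes the EV Guidelines require to be present.
EV_REQUIRED = {
    "organizationName",
    "businessCategory",
    "serialNumber",
    "jurisdictionCountryName",
    "countryName",
}

Subject = Sequence[Sequence[Tuple[str, str]]]


def subject_attrs(subject: Subject) -> Dict[str, str]:
    """Flatten getpeercert()-style RDN tuples into {attribute: value}."""
    attrs: Dict[str, str] = {}
    for rdn in subject:
        for name, value in rdn:
            attrs[name] = value
    return attrs


def classify(subject: Subject, policy_oids: Iterable[str] = ()) -> str:
    """Return 'EV', 'OV' or 'DV'.

    EV requires both the EV policy OID and the full set of identity
    attributes; an organizationName alone indicates organization
    validation; a subject with nothing but a commonName is domain-validated,
    i.e. the CA checked control of the name and nothing else.
    """
    attrs = subject_attrs(subject)
    if CABF_EV_OID in set(policy_oids) and EV_REQUIRED.issubset(attrs):
        return "EV"
    if "organizationName" in attrs:
        return "OV"
    return "DV"


def check_identity(subject: Subject, policy_oids: Iterable[str],
                   expected_org: str) -> bool:
    """What clicking the lock is for: confirm the level *and* the legal
    entity named in the certificate. A DV certificate on a look-alike
    domain passes the browser's encryption check but fails this one."""
    if classify(subject, policy_oids) != "EV":
        return False
    return subject_attrs(subject).get("organizationName") == expected_org


# Constructed sample subjects (not real certificates).
DV_SUBJECT: Subject = ((("commonName", "www.examp1ebank.com"),),)

OV_SUBJECT: Subject = (
    (("countryName", "US"),),
    (("organizationName", "Example Bank, Inc."),),
    (("commonName", "www.examplebank.com"),),
)

EV_SUBJECT: Subject = (
    (("jurisdictionCountryName", "US"),),
    (("businessCategory", "Private Organization"),),
    (("serialNumber", "1234567"),),
    (("countryName", "US"),),
    (("localityName", "Atlanta"),),
    (("organizationName", "Example Bank, Inc."),),
    (("commonName", "www.examplebank.com"),),
)

if __name__ == "__main__":
    for label, subj, oids in (("phish", DV_SUBJECT, []),
                              ("ov", OV_SUBJECT, []),
                              ("ev", EV_SUBJECT, [CABF_EV_OID])):
        print(label, classify(subj, oids),
              check_identity(subj, oids, "Example Bank, Inc."))
```

Note that the EV policy OID is required in addition to the subject fields: a certificate that carries the identity attributes but no EV policy is treated as OV, because the browser's EV indicator is keyed on the policy OID (and on the issuing CA being an EV-enabled root, which this check cannot see).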
"If every Internet user in the world had a browser that recognized the difference between High Assurance SSL Certificates and traditional ones and if every legitimate site used a High Assurance certificate, then phishing as we know it today would essentially be eliminated," wrote Tim Callan, product marketing executive for VeriSign's SSL business unit, on his blog, "Tim Callan's SSL."
CA/Browser Forum guidelines state that organizations that produce a software product intended for use by the general public for browsing the Web securely can become members of the CA/Browser Forum.
The following browser vendors either currently support EV SSL or are in the process of becoming EV SSL compliant:
- Microsoft Corporation
- Opera Software ASA
- The Mozilla Foundation-Firefox
- KDE